Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/oeQhXFM3YRcRlDkk3NBN-FfyTFs.roa
File: oeQhXFM3YRcRlDkk3NBN-FfyTFs.roa (raw, json)
Hash identifier: TqrrM4TOht5TFWdSNhBfNn2l4anaAPEgNygo+4cvNvw=
Subject key identifier: A1:E4:21:5C:53:37:61:17:11:94:39:24:DC:D0:4D:F8:57:F2:4C:5B
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018F1459025D52F58365A5C4A0B602081BFE
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/oeQhXFM3YRcRlDkk3NBN-FfyTFs.roa
Signing time: Thu 25 Apr 2024 08:22:08 +0000
ROA not before: Thu 25 Apr 2024 08:22:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 103.25.86.0/23 maxlen: 24
202.133.90.0/23 maxlen: 24
213.173.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 May 2024 12:22:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:14:59:02:5d:52:f5:83:65:a5:c4:a0:b6:02:08:1b:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Apr 25 08:22:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1e4215c5337611711943924dcd04df857f24c5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:03:a4:39:3e:01:15:96:fc:50:bb:54:d2:4f:
32:65:ac:13:e5:36:5f:cb:a0:e0:e1:09:86:0d:98:
0a:7b:4b:04:45:c9:40:a2:f0:50:09:06:58:f5:46:
91:f5:bd:0f:e5:f0:06:13:69:e1:b1:70:38:3c:83:
91:71:6d:0c:63:65:d7:07:5b:b2:16:de:91:d1:9b:
10:f7:c4:c8:5e:20:c5:10:2b:bc:c8:a9:8f:e2:ad:
9e:7d:2f:a0:c1:80:0f:fa:0c:fa:12:06:ad:df:3f:
97:97:07:6f:e9:00:44:27:19:4c:66:fd:a7:d5:6b:
eb:9a:69:eb:bc:3a:9d:95:67:d8:47:72:5c:71:13:
50:0f:1f:7f:9f:03:ce:75:74:fa:a7:96:37:b9:46:
78:c0:2a:fc:ae:6f:ce:01:d7:77:d7:65:ca:6b:c2:
b3:bd:8a:29:65:9a:7f:cc:03:43:73:40:c5:54:95:
74:9b:99:76:a2:07:83:3f:40:51:9e:dd:ea:b5:91:
06:ca:2b:31:a0:22:ab:75:31:89:bb:79:19:52:2e:
d3:31:cf:3d:22:9a:d8:99:24:c1:f8:e3:1b:c9:6d:
00:a0:9a:72:d8:a4:9c:e5:88:7e:bf:b1:33:1a:78:
ae:19:91:7e:f0:53:6d:38:2c:58:f5:1b:e0:a4:13:
a5:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:E4:21:5C:53:37:61:17:11:94:39:24:DC:D0:4D:F8:57:F2:4C:5B
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/oeQhXFM3YRcRlDkk3NBN-FfyTFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.25.86.0/23
202.133.90.0/23
213.173.35.0/24
Signature Algorithm: sha256WithRSAEncryption
89:98:9a:d8:cb:be:a4:9e:6d:c1:0c:01:1b:d9:ed:8c:1e:ca:
12:85:56:8d:d3:cf:6a:70:95:0c:23:12:21:5c:b5:d4:0b:9a:
38:81:0e:07:94:1b:4e:bc:ea:30:a8:ca:40:f0:e4:c8:9f:28:
77:a1:cf:36:53:20:3f:48:d4:32:5e:cd:c9:8d:0d:bf:2b:74:
28:71:27:a1:e0:6d:66:5b:c4:62:e7:28:09:5c:68:4c:c7:69:
6f:00:99:91:38:62:8c:88:20:c2:22:50:41:b8:22:61:8b:85:
5c:a3:2c:53:98:42:d4:bb:b0:58:81:0e:b0:24:08:85:90:72:
69:50:d1:23:13:aa:7a:4a:73:b3:40:cf:7a:d9:f4:16:b9:7a:
93:37:75:2c:ee:d6:ac:c3:19:1e:91:61:5a:62:3f:d6:ee:02:
26:3b:f4:9b:12:63:1f:f3:83:ff:26:b9:75:d8:90:d3:17:0c:
1a:d5:df:7a:fc:40:df:aa:08:f3:1c:f8:99:73:1e:5e:51:1b:
80:de:11:9e:74:fc:85:80:bc:15:1b:57:63:34:ed:70:f4:53:
6c:fa:cf:46:16:a1:df:a6:7a:f6:d7:17:57:4c:4f:ed:b4:48:
f7:ab:d0:84:b0:57:3e:59:65:1a:e8:fb:c3:eb:e2:ae:52:8d:
87:51:5c:8f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8UWQJdUvWDZaXEoLYCCBv+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNDI1MDgyMjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWU0MjE1YzUzMzc2MTE3MTE5NDM5MjRkY2QwNGRmODU3ZjI0YzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwOkOT4BFZb8ULtU0k8yZawT5TZf
y6Dg4QmGDZgKe0sERclAovBQCQZY9UaR9b0P5fAGE2nhsXA4PIORcW0MY2XXB1uy
Ft6R0ZsQ98TIXiDFECu8yKmP4q2efS+gwYAP+gz6Egat3z+Xlwdv6QBEJxlMZv2n
1WvrmmnrvDqdlWfYR3JccRNQDx9/nwPOdXT6p5Y3uUZ4wCr8rm/OAdd312XKa8Kz
vYopZZp/zANDc0DFVJV0m5l2ogeDP0BRnt3qtZEGyisxoCKrdTGJu3kZUi7TMc89
IprYmSTB+OMbyW0AoJpy2KSc5Yh+v7EzGniuGZF+8FNtOCxY9RvgpBOlEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKHkIVxTN2EXEZQ5JNzQTfhX8kxbMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvb2VRaFhGTTNZUmNSbERrazNOQk4tRmZ5VEZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBZxlWAwQB
yoVaAwQA1a0jMA0GCSqGSIb3DQEBCwUAA4IBAQCJmJrYy76knm3BDAEb2e2MHsoS
hVaN089qcJUMIxIhXLXUC5o4gQ4HlBtOvOowqMpA8OTInyh3oc82UyA/SNQyXs3J
jQ2/K3QocSeh4G1mW8Ri5ygJXGhMx2lvAJmROGKMiCDCIlBBuCJhi4VcoyxTmELU
u7BYgQ6wJAiFkHJpUNEjE6p6SnOzQM962fQWuXqTN3Us7taswxkekWFaYj/W7gIm
O/SbEmMf84P/Jrl12JDTFwwa1d96/EDfqgjzHPiZcx5eURuA3hGedPyFgLwVG1dj
NO1w9FNs+s9GFqHfpnr21xdXTE/ttEj3q9CEsFc+WWUa6PvD6+KuUo2HUVyP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org